Protection of Personal Information Act - Section 15

"The responsible party must ensure that the conditions set out in this Chapter, and all the measures that give effect to such conditions, are complied with at the time of determination of the purpose and means of the processing and during the processing itself".

‘Responsible party’ means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information."

In law, this is the CEO or the person to whom the CEO has delegated this responsibility in writing.

In reality, accountability for something as important as the protection of personal information and the protection of the organisation’s reputation rightly belongs with the Board. Cultural leadership for a change in attitudes regarding privacy cannot be driven from anywhere other than the Board.

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.

Read more...

COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.

Read more...

POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.

Read more...

Go to top